February 26, 2024

Members of TAG, Google’s cyber threat analysis group, have discovered a security flaw in an email service used by many governments around the world. Because of this vulnerability, attackers were able to steal data from certain countries such as Greece, Tunisia or Moldova.


While hackers recently exploited a vulnerability in Google Calendar to steal users’ personal information, members of TAG (Google’s cyber threat analysis group) have just made a new discovery.

This Thursday, November 16, 2023, the American giant’s computer security researchers say that they discovered a particularly serious security vulnerability and helped fix it. Because of this vulnerability, the hackers actually succeeded in stealing data from several countries, notably Greece, Moldova, Tunisia, Vietnam and Pakistan.

The bug, identified as CVE-2023-37580, affected Zimbra Collaboration, an email service used by more than 1,000 government organizations around the world. According to Google, this vulnerability allowed the theft of email data, user IDs and passwords, and authentication tokens from organizations.


Figure: The history of this bug’s exploitation (credit: Google)

A case that reminds us how important updates are

It started in Greece at the end of June 2023, when attackers exploited this vulnerability to send malicious emails to certain members of the Greek government. If someone clicked on the malicious link while logged into their Zimbra account, the aforementioned data was automatically transmitted to the hackers. In addition, the attackers took advantage of this to set up automatic forwarding and take control of the target email address.

A few days later, Zimbra responded well and released a fix for this bug on GitHub. Unfortunately, the attacks continued, which means that affected governments did not install the update in time to protect themselves. “These campaigns also highlight how attackers monitor open-source repositories to opportunistically exploit vulnerabilities in software, particularly when a patch is referenced on a platform but not yet available to users,” TAG explains in a blog post.

Source: Google TAG blog